news item

No business is too small for a cyber security strategy

Published 18 August 2021

Cyber threats can come in many forms – from scam emails to malicious software, ransomware and more. In 2020, scams reported by Australian businesses increased 260% from the previous year, with business email compromise scams causing $128 million in losses (ACCC).

In 2021, ASIC is continuing to see an increase in scams involving fake websites, social media sites, calls from call-centre staff, stock exchanges – even fake regulators. Scammers’ impersonation skills are becoming increasingly sophisticated, making it very difficult for companies and employees to differentiate between legitimate businesses and scams.

Here are the steps you can take to protect your business and customers.

1. Understand your duties

Company directors and business owners should take the time to understand cyber security risk and how to best protect their business. ASIC has published a list of cyber-risk governance questions for company directors to consider.

2. Take action

Company directors and business owners should ensure robust cyber security resilience strategies are in place to protect against threats and scams. The Australian Cyber Security Centre has released a Small Business Cyber Security Guide on how to protect your business from the most common cyber security incidents.

Visit cyber.gov.au for advice on how to protect yourself and your business from cyber threats.

3. Aim for continuous improvement

Implementing a cyber security strategy is not ‘set and forget’ – it requires continuous improvement to stay ahead of ever-evolving threats. To identify areas for improvement, take a look at the Cyber Security Assessment Tool (business.gov.au). Designed for small and medium-sized businesses, the assessment takes 20 minutes to complete.

4. Remain vigilant

ASIC does not endorse particular investments. You should be wary of any website or advert which states the investment is approved by ASIC or contains ASIC’s logo – it’s a scam. ASIC does not authorise businesses to use its name and branding to promote themselves.

The Be Fraud Aware guide (business.gov.au) highlights common scams that target businesses, explains how to protect customer data, and lists where to get further information and assistance.

Think you have been scammed?

Report it

If you think you or someone you know has been scammed, lodge a report of misconduct with ASIC and consider reporting the matter to police. ASIC is interested in scams involving a financial product, such as:

  • financial products and services promising returns that are too good to be true
  • phone investment scams
  • pyramid marketing schemes involving a financial product.

You can also make a report to the Australian Cyber Security Centre at ReportCyber. Your report may disrupt the scammers and may warn others to avoid the scam.

Support

If your small business is facing financial difficulty, contact the Small Business Debt Helpline on 1800 413 828. This free advice service was established in 2020 by Financial Counselling Australia with funding from the Australian Government. The helpline is staffed by qualified financial counsellors who will listen and give you practical advice to help you get back on track.

If you are experiencing problems with debt, contact the National Debt Helpline on 1800 007 007 (Monday to Friday 9.30am to 4.30pm) or chat online.

If you need to talk to someone, contact Lifeline on 13 11 14 (24 hours) or via online chat (7pm – 12am); or Beyond Blue on 1300 22 46 36 (24 hours) or via web chat (1pm – 12am).


Media enquiries: Contact ASIC Media Unit